QUESTION 44Which antispam technology assumes that email from server A, which has a history of distributing spam, is more likely to be spam than email from server B, which does not have a history of distributing spam?

A. It groups multiple ASAs as a single logical device.B. It can perform context-aware inspection.C. It provides high-density security services with high availability.D. It uses policy-based interface controls to inspect and forward TCP- and UDP-based packets.E. It can make context-aware decisions.F. It uses four cooperative architectural constructs to build the firewall.

Answer: BEF

QUESTION 47During initial configuration, the Cisco ASA can be configured to drop all traffic if the ASA CX SSP fails by using which command in a policy-map?

A. cxsc failB. cxsc fail-closeC. cxsc fail-openD. cxssp fail-close

Answer: B

QUESTION 48Cisco AVC allows control of which three of the following? (Choose three.)

A. FacebookB. LWAPPC. IPv6D. MySpaceE. TwitterF. WCCP

Answer: ADE

QUESTION 49The Web Security Appliance has identities defined for faculty and staff, students, and default access. The faculty and staff identity identifies users based on the source network and authenticated credentials. The identity for students identifies users based on the source network along with successful authentication credentials. The global identity is for guest users not authenticated against the domain.Recently, a change was made to the organization’s security policy to allow faculty and staff access to a social network website, and the security group changed the access policy for faculty and staff to allow the social networking category.Which are the two most likely reasons that the category is still being blocked for a faculty and staff user? (Choose two.)

A. The user is being matched against the student policy because the user did not enter credentials.B. The user is using an unsupported browser so the credentials are not working.C. The social networking URL was entered into a custom URL category that is blocked in the access policy.D. The user is connected to the wrong network and is being blocked by the student policy.E. The social networking category is being allowed but the AVC policy is still blocking the website.

Answer: CE

QUESTION 50Which five system management protocols are supported by the Intrusion Prevention System? (Choose five.)